Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Script (7.60.0096 / 12.11.2008) (0x0220411d;0x0c000063)
- lang English
- flash 0
- # Setup/IP-Router/Firewall/Actions
- cd /2/8/10/4
- # Name Description
- # -------------------------------------------------------------------------------------------------------
- tab 1 2
- add "ACCEPT" "%A"
- add "REJECT-WITH-SNMP-MESSAGE" "%Lcds0 %R %N"
- add "ACCEPT-VPN" "%Lcds0 @v %A"
- cd /
- # Setup/IP-Router/Firewall/Objects
- cd /2/8/10/1
- # Name Description
- # -------------------------------------------------------------------------------------------------------
- tab 1 2
- add "ANY" ""
- add "ANYHOST" "%A0.0.0.0 %M0.0.0.0"
- add "LOCALNET" "%L"
- add "ICMP" "%P1"
- add "TCP" "%P6"
- add "UDP" "%P17"
- add "FTP" "TCP %S21 "
- add "SSH" "TCP %S22 "
- add "TELNET" "TCP %S23 "
- add "MAIL" "TCP %S25,110,143 "
- add "HTTP" "TCP %S80,443 "
- add "HTTPS" "TCP %S443 "
- add "WEB" "TCP %S80,443 "
- add "RDP" "TCP %S3389 "
- add "ELSTER" "TCP %S8000 "
- add "TFTP" "UDP %S69 "
- add "NTP" "UDP %S123 "
- add "IPSEC" "UDP %S500 "
- add "SNMP" "UDP %S161-162 "
- add "DNS" "TCP UDP %S53 "
- add "SMTP" "TCP %S25 "
- cd /
- # Setup/IP-Router/Firewall/Rules
- cd /2/8/10/2
- # Name Prot. Source Destination Action Linked Prio Firewall- VPN-Rule Stateful Rtg-tag Comment
- # ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- tab 1 2 3 4 7 8 9 10 11 12 14 13
- add "ALLOW-VPN-ROUTING" "ANY" "ANYHOST" "ANYHOST" "ACCEPT-VPN" 0 1 0 0 0 0 ""
- add "ALLOW-IPSEC" "ANY" "LOCALNET" "IPSEC ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-SNMP" "ANY" "LOCALNET" "SNMP ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-NTP" "ANY" "LOCALNET" "NTP ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-TFTP" "ANY" "LOCALNET" "TFTP ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-DNS" "ANY" "LOCALNET" "DNS ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-ELSTER" "ANY" "LOCALNET" "ELSTER ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-RDP" "ANY" "LOCALNET" "RDP ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-HTTP/S" "ANY" "LOCALNET" "WEB ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-MAILING" "ANY" "LOCALNET" "MAIL ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-TELNET" "ANY" "LOCALNET" "TELNET ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-SSH" "ANY" "LOCALNET" "SSH ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-FTP" "ANY" "LOCALNET" "FTP ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-ICMP" "ICMP" "LOCALNET" "ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "ALLOW-SMTP" "ANY" "LOCALNET" "SMTP ANYHOST" "ACCEPT" 0 0 0 0 0 0 ""
- add "DENY-ALL" "ANY" "ANYHOST" "ANYHOST" "REJECT-WITH-SNMP-MESSAGE" 0 0 0 0 0 0 ""
- flash 1
- # done
- exit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement